We Claim: 

1. A method of verifying a pair of participants in an electronic transaction to permit exchange 
of information therebetween, each of said participants includes a memory and having a 
respective private key t, a and public key Yt, Yc stored therein, said public keys derived from 
a generator α and a respective ones of said private keys t, a, said method comprising the steps 
of: 

(a) a first of said participants generating a unique transaction identification information PID 
upon initiation of said electronic transaction; 

(b) said first participant forwarding to a second participant said transaction identification 
information PID and a first certificate C1, said first certificate being signed by a 
certification authority according to a predetermined algorithm and including an 
identification information TIU ID unique to said first participant and said public 
information of said first participant; 

(c) said second participant verifying said first certificate C1, according to said predetermined 
algorithm, upon receipt thereof and extracting said identification information TIU ID and 
said public information therefrom; 

(d) said second participant, upon verification of said first certificate C1, generating first and 
second random integers R2 and R3, respectively; 

(e) said second participant generating a third random integer k and computing a session 
parameter α^k by exponentiating a function including said generator to a power k and 
exponentiating said public key Yt to a power k to produce a session key Yt^k; 

(f) said second participant generating a first signature component r1 by signing said 
transaction identification information PID utilizing said public key Yt of said first 
participant and generating a second signature component s1 by signing said first random 
integer R2 utilizing said private key a of said second participant, said signatures being 
generated according to a predetermined protocol; 

(g) said second participant forwarding a message to said first participant, including said 
signature components r1, s1 and a second certificate C2 signed by said certification 
authority according to a predetermined algorithm and including an identification 
information CID unique to said second participant and said public information Yc of said 
participant; 

(h) said first participant verifying said second certificate C2 and extracting said identification 
information CID and public key Yc and verifying the authenticity of said second 
participant by extracting said transaction identification information PID from said 
received message and comparing said received transaction identification information PID 
to said transmitted value; 

(i) said first participant extracting said first random integer R2 from said received message 
and transmitting said first random integer R2 to said second participant to acknowledge 
verification of said second participant; 

(j) said second participant verifying the authenticity of said first participant by comparing 
said received first random integer R2 to said generated first random integer R2 and 
transmitting said second random integer R3 to said first participant to acknowledge 
verification of said first participant, thereby permitting exchange of information between 
said participants. 

2. A method as defined in claim 1, wherein said first participant forwards a transaction 
amount TA with said identification PID. 

3. A method as defined in claim 1, wherein said first signature component r1 combines said 
session key Yt^k and a message M2, indicative of the concatenation of said identification 
information TIU ID, said first random information R2, and said transaction identification 
information PID. 

4. A method as defined in claim 3, wherein said first signature component r1 is of the form 
M2 * Yt^k mod L. 

5. A method as defined in claim 3, wherein said second signature component s1 is of the 
form h*a + k mod q, where q is the order of an elliptic curve, h is a hash of the 
concatenation of said second random integer R3, said session parameter α^k and said 
message M2. 

6. A method as defined in claim 5, including in step (g) of claim 1 forwarding said hash to 
said first participant. 

7. A method of verifying a pair of participants in an electronic transaction to permit 
exchange of information therebetween, each of said participants includes a memory and 
having a respective private key t, a and public key Yt, Yc stored therein, said public keys 
derived from a generator α and a respective ones of said private keys t, a, said method 
comprising the steps of: 

(a) a first of said participants generating a unique transaction identification information PID 
upon initiation of said electronic transaction; 

(b) said first participant forwarding to a second participant said transaction identification 
information PID and a first certificate C1, said first certificate being signed by a 
certification authority according to a predetermined algorithm and including an 
identification information TIU ID unique to said first participant and said public 
information Yt of said first participant; 

(c) said second participant verifying said first certificate C1, according to said predetermined 
algorithm, upon receipt thereof and extracting said identification information TIU ID and 
said public information Yt therefrom; 

(d) said second participant, upon verification of said first certificate C1, generating a first 
random integer R2; 

(e) said second participant generating a first and second signature components r1, s1 utilizing 
said public key Yt of said first participant and said private key a of said second participant, 
respectively according to a predetermined protocol; 

(f) said second participant forwarding a message to said first participant, including said 
signature components r1, s1 and a second certificate C2 signed by said certification 
authority according to a predetermined algorithm and including an identification 
information CID unique to said second participant and said public information Yc of said 
second participant; 

(g) said first participant verifying said second certificate C2 and extracting said identification 
information CID and public key and verifying the authenticity of said second 
participant by extracting said transaction identification information PID from said 
received message and comparing said received transaction identification information PID 
to said transmitted value; 

(h) said first participant extracting said first random integer R2 from said received message 
and transmitting said first random integer R2 to said second participant to acknowledge 
verification of said second participant; and 

(i) said second participant verifying the authenticity of said first participant by comparing 
said received first random integer R2 to said generated first random integer R2 and 
transmitting a second random integer R3 to said first participant to acknowledge 
verification of said first participant, thereby permitting exchange of information between 
said participants. 
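
The exchange of claims 1 and 3 to 6, as an added Python example that is not part of the claims: the second participant forms r1 = M2 * Yt^k mod L and s1 = h*a + k mod q, and the first participant recovers M2 with its private key t. The toy group modulo 2^127 - 1, the generator value 3, SHA-256, the 32-bit field widths and all function names are assumptions; the recovery equations are derived here from the claimed forms and are not stated in the claims.

```python
import hashlib, secrets

P = 2**127 - 1      # toy prime modulus (assumption), standing in for L in claim 4
Q = P - 1           # exponent modulus (assumption), standing in for q in claim 5
ALPHA = 3           # generator (assumed value); sizes here are not secure

def keypair():
    priv = secrets.randbelow(Q - 2) + 2
    return priv, pow(ALPHA, priv, P)

def hash_h(r3, session_param, m2):
    # h = hash(R3 || alpha^k || M2); SHA-256 and the encoding are assumptions
    data = b"|".join(str(v).encode() for v in (r3, session_param, m2))
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def pack(tiu_id, r2, pid):
    # M2 = TIU ID || R2 || PID, 32 bits each (field widths are assumptions)
    return (tiu_id << 64) | (r2 << 32) | pid
def unpack(m2):
    return m2 >> 64, (m2 >> 32) & 0xFFFFFFFF, m2 & 0xFFFFFFFF

def second_sign(a, y_t, tiu_id, pid):
    """Second participant: steps (d)-(f) of claim 1 with the forms of claims 3-5."""
    r2, r3 = secrets.randbits(32), secrets.randbits(32)
    k = secrets.randbelow(Q - 2) + 2
    session_param = pow(ALPHA, k, P)              # alpha^k
    m2 = pack(tiu_id, r2, pid)
    r1 = (m2 * pow(y_t, k, P)) % P                # M2 * Yt^k mod L
    h = hash_h(r3, session_param, m2)
    s1 = (h * a + k) % Q                          # h*a + k mod q
    return (r1, s1, h), (r2, r3)

def first_recover(t, y_c, r1, s1, h):
    """First participant: recover alpha^k, then the session key, then M2."""
    session_param = (pow(ALPHA, s1, P) * pow(y_c, -h, P)) % P   # alpha^(s1 - h*a)
    session_key = pow(session_param, t, P)                      # (alpha^k)^t = Yt^k
    m2 = (r1 * pow(session_key, -1, P)) % P
    return unpack(m2), session_param, m2

def run_handshake(pid=0xC0FFEE01, tiu_id=0x0000A11C):   # constructed sample values
    t, y_t = keypair()                            # first participant
    a, y_c = keypair()                            # second participant
    (r1, s1, h), (r2, r3) = second_sign(a, y_t, tiu_id, pid)
    (got_id, got_r2, got_pid), sp, m2 = first_recover(t, y_c, r1, s1, h)
    impostor, _, _ = first_recover(keypair()[0], y_c, r1, s1, h)
    return {"pid_ok": got_pid == pid,             # step (h): PID comparison
            "r2_ok": got_r2 == r2,                # step (j): R2 comparison
            "h_ok": hash_h(r3, sp, m2) == h,      # once R3 arrives, recheck the claim 6 hash
            "impostor_ok": impostor == (tiu_id, r2, pid)}
```

Only the holder of t can turn the recovered α^k into the session key, which is why returning R2 in step (i) authenticates the first participant.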